Government wants to test telephone security and take stricter action against pre-installed apps
India wants to force smartphone makers to remove pre-installed apps and mandate screening of major operating system updates under proposed new security rules, according to two people and a government document seen by Reuters.
The new rules, details of which have not yet been disclosed, could extend launch times in the world’s second-largest smartphone market and lead to losses in pre-installed app trading for players including Samsung, Xiaomi, Vivo and Apple.
India’s information technology ministry is considering the new rules over concerns about spying and misuse of user data, a senior government official, one of the two people, said. He declined to be named because the information is not yet public.
“Pre-installed apps can be a weak security point and we want to ensure that no foreign nation, including China, takes advantage of this. It is a matter of national security,” the official added.
India has stepped up scrutiny of Chinese companies since a 2020 border clash between the neighbours saw more than 300 Chinese apps banned, including TikTok. It has also tightened scrutiny on investments by Chinese companies.
Many countries around the world have imposed restrictions on the use of technology from Chinese companies such as Huawei and Hikvision, fearing that Beijing could use it to spy on foreign citizens. China denies these allegations.
Currently, most smartphones come with pre-installed apps that cannot be deleted, such as Chinese smartphone maker Xiaomi’s GetApps app store, Samsung’s Samsung Pay mini payment app, and iPhone maker Apple’s Safari browser.
According to two people familiar with the plan, the new rules would require smartphone makers to provide an option to uninstall the app. In addition, new models would have to be checked for compliance by a laboratory authorized by the Bureau of Indian Standards.
The government is also considering introducing mandatory screening for any major operating system update before it is rolled out to consumers, one of the sources said.
“Most smartphones used in India come with pre-installed apps/bloatware, posing serious concerns for privacy and information security,” according to a confidential transcript of a February 8 meeting of the government’s IT ministry seen by Reuters.
The minutes of the meeting reveal that representatives from Xiaomi, Samsung, Apple and Vivo were present at the closed-door meeting.
The government has decided to give smartphone manufacturers a year to comply with the regulation once it comes into effect. The exact date has not yet been determined, the document said.
The companies and India’s IT ministry did not respond to a Reuters request for comment.
Huge obstacle
India’s fast-growing smartphone market is dominated by Chinese players, with Xiaomi and BBK Electronics’ Vivo and Oppo accounting for almost half of all sales, Counterpoint data shows. South Korea’s Samsung has a 20 percent share and Apple has 3 percent.
While European Union regulations require that pre-installed apps can be removed, there is no screening mechanism to check compliance, as India is considering.
An industry executive said some pre-installed apps, such as the camera, are critical to the user experience and the government should distinguish between these and non-essential apps when imposing screening rules.
Smartphone providers often sell their devices with their own apps, but sometimes also install other apps on them with which they have monetization agreements.
The other concern is that more testing could lengthen approval times for smartphones, a second industry executive said. Currently, it takes about 21 weeks for a smartphone and its components to be tested by the government agency for safety compliance.
“It is a huge obstacle to a company’s market strategy,” the executive said.
© Thomson Reuters 2023
